Privacy Policy

Basic Data Protection Information

Controller  KOA

online services

Purpose

Legal bases

user experience commercial communication

Express consent and legitimate interest

Recipiens No data is transferred to third parties, except legal obligation

Rights  You have the right to request from us access to and rectification or erasure of your personal data, the right to restrict processing, object to processing as well as in certain circumstances the right to data portability.

Additional Additional and detailed information on Data Protection can be found in the attached clauses in information www.koaescueladesurf.com

At  KOA  we  work  to  offer  you  the  best  possible  experience  through  our  products  and  services.  In  some  cases,  it  is necessary to collect information in order to achieve this. We care about your privacy and believe we should be transparent about it.

For this reason, and for the purposes of the provisions of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 (hereinafter “RGPD”) on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and Law 34/2002, of 11 July, on Information Society Services and Electronic Commerce (hereinafter, “LSSI”), KOA  informs the user that, as the party responsible for processing, it will   incorporate the personal data provided by users in an automated file.

Our commitment begins by explaining the following:

Your data is collected so that the user’s experience improves, attending to your interests and needs.   We are transparent in relation to the data we obtain about you and the reason why we do so.

Our intention is to offer you the best possible experience. Therefore, when we are going to use your personal information, we will always do so in compliance with the regulations, and when necessary, we will ask for your consent.

We understand that your details belong to you. Therefore, if you decide not to allow us to process them, you can ask us to  stop processing them.

Our priority is to guarantee your security and to treat your data in accordance with European regulations.

If you would like more information about how your data will be treated, please refer to the different sections of the privacy policy below:

Who is the controller your personal data?

Identity: KOA

Registered office: CALLE BARRIO PINAR DE ARNA 83 BAJO

C.I.F. nº.: B39796289

Email:  KOA@KOAESCUELADESURF.COM

KOA has appointed a Data Protection Delegate or an internal contact person within your organisation. If you wish to make a query regarding the processing of your personal data, you can contact him by email at KOA@KOAESCUELADESURF.COM.

What personal data do we collect?

The personal data that the user may provide:

Name, address and date of birth.

Telephone number and email address.

Location.

Information regarding payments and returns.

IP address, date and time you accessed our services, Internet browser you use and data about the operating system     of the device.

Any other information or data you choose to share with us.

In some cases, it is mandatory to fill out the registration form to access and enjoy certain services offered on the web, likewise, not providing the personal data requested or not accepting this data protection policy means the inability to subscribe, register or participate in any of the promotions in which personal data are requested.

Why do we treat your data?

In KOA we treat the information provided by interested people with the following purposes:

Manage orders or hire any of our services, either online or in physical stores.

Manage the sending of the information requested.

Develop commercial actions and carry out the maintenance and management of the relationship with the user, as well as the management of the services offered through the website and the information work, being able to carry out automatic valuations, obtaining profiles and segmentation work of customers in order to personalize the treatment according to their characteristics and needs and improve the customer’s online experience.

Develop and manage contests, sweepstakes or other promotional activities that may be organized.

In some cases it will be necessary to provide information to the Authorities or third companies for auditing purposes, as well as handle personal data from invoices, contracts and documents to respond to complaints from customers  or Public Administrations.

We inform you that the personal data obtained as a result of your registration as a user will form part of the Register of Activities and Treatment Operations (RAT), which will be updated periodically in accordance with the provisions of the RGPD.

What is the legitimacy for the treatment of your data?

The processing of your data may be based on the following legal bases:

Consent of the interested party for the contracting of services and products, for contact forms, requests for information or registration in e-newsletters.

Legitimate interest in the processing of customer data for direct marketing purposes and express consent of the data subject for all matters relating to automatic valuations and profiling.

Fulfilment of legal obligations for fraud prevention, communication with public authorities and claims of third parties.

How long do we keep your data?

The processing of data for the purposes described will be maintained for as long as necessary to meet the purpose of collection (for example, for the duration of the business relationship), as well as for compliance with legal obligations  arising from the processing of data.

To which recipients will your data be communicated?

In some cases, only when necessary, KOA will provide user data to third parties. However, the data will never be sold to  third parties. External service providers (e.g. payment providers or delivery companies) with whom KOA works may use the   data to provide the corresponding services, however they will not use this information for their own purposes or for transfer   to third parties.

KOA seeks to ensure the security of personal data when it is sent outside the company and ensures that third party service providers respect confidentiality and have adequate measures in place to protect personal data. These third parties have an obligation to ensure that the information is treated in accordance with data privacy regulations.

In some cases, the law may require that personal data be disclosed to public bodies or other parties, only what is strictly necessary for the fulfilment of such legal obligations will be disclosed.

Personal data obtained may also be shared with other companies in the group.

Where is your data stored?

In general, data is stored within the EU. Data sent to non-EU third parties will ensure that they offer an adequate level of protection, either because they have Binding Corporate Rules (BCR) or because they have adhered to the Privacy Shield.

What rights do you have and how can you exercise them?

You can address your communications and exercise your rights by petition at the following email address: KOA@KOAESCUELADESURF.COM.

Under the RGPD you can apply:

Right of information: you can request information about those personal data that we have about you.

Right of rectification: you can communicate any change in your personal data.

Right to erasure: you can request the prior deletion blocking of personal data.

Right to restriction of processing : this means restricting the processing of personal data.

Right to data portability : in some cases, you can ask for a copy of the personal data in a structured format, commonly used and mechanically read for transmission to another data controller.

Right to object and automated individual decision-making: you can request that decisions not be taken which are   based solely on automated processing, including profiling, which produces legal effects or significantly affects the     data subject.

In some cases, the request may be refused if you request that data necessary for the fulfilment of legal obligations be deleted.

Also, if you have a complaint about the processing of data you can make a complaint to the data protection authority.

Who is the controller for the accuracy and veracity of the data provided?

The user is solely responsible for the accuracy and correctness of the data included, exonerating KOA of any responsibility       in this regard. Users guarantee and respond, in any case, the accuracy, validity and authenticity of the personal data     provided, and undertake to keep them properly updated. The user agrees to provide complete and correct information in         the registration or subscription form KOA  reserves the right to terminate the services contracted with users, in the event        that the data provided are false, incomplete, inaccurate or are not updated.

KOA is not responsible for the veracity of the information that is not of its own elaboration and for which another source is indicated, therefore it does not assume any responsibility as far as hypothetical damages that could originate from the use of this information are concerned.

KOA reserves the right to update, modify or eliminate the information contained in its web pages and may even limit or  deny access to said information KOA of respondents are exonerated.

The user also certifies that he or she is over 14 years of age and that he or she has the necessary legal capacity to give consent for the processing of his or her personal data.

How do we treat the personal data of minors?

In principle, our services are not specifically aimed at minors. However, in the event that any of them is addressed to minors under fourteen years, in accordance with Article 8 of the RGPD and Article 7 of LO3/2018 of 5 December (LOPDGDD), KOA will require the valid, free, unequivocal, specific and informed consent of their legal guardians to process the personal data of minors. In this case, the identity card or other form of identification of the person giving consent will be required.

In the case of persons over fourteen years of age, the data may be processed with the consent of the user, with the exception of those cases in which the Law requires the assistance of the holders of parental authority or guardianship.

What security measures do we apply to protect your personal data?

KOA has adopted the legally required levels of personal data protection security, and tries to install those other means and additional technical measures within its reach to prevent the loss, misuse, alteration, unauthorized access and theft of     personal data provided to KOA

KOA   is  not  responsible  for  any  hypothetical  damages  that  may  arise  from  interferences,  omissions,  interruptions, computer viruses, telephone breakdowns or disconnections in the operation of this electronic system, caused by causes beyond the control of KOA of delays or blockages in the use of the present electronic system caused by deficiencies or overloads of telephone lines or overloads in the Data Processing Centre, in the Internet system or in other electronic   systems, as well as of damages that may be caused by third parties through illegitimate intrusions beyond the control

of KOA However, the user must be aware that Internet security measures are not impregnable.

Links to other websites

The website www.koaescueladesurf.com may contain links to other websites. By clicking on one of these links and accessing an external website, the visit will be subject to the privacy policy of that website, being KOA disassociated from any responsibility about its privacy policy.

Can the privacy policy be modified?

This privacy policy may be modified. We recommend that you review the privacy policy from time to time.

Cookies Policy

In compliance with the duty of information contained in paragraph 2 of Article 22 of Law 34/2002 of July 11, Services of the Information Society and Electronic Commerce, this cookie policy is intended to inform you clearly and accurately about the cookies used on the website of KOA.

h2 dir=”ltr”>What are cookies?

A cookie is a small file that websites send to your browser and downloaded to your computer. Cookies allow the website to    store and retrieve information about your visit, such as your preferred language and other options, in order to improve the services offered and contribute to a better browsing experience for the user.

Authorization for the use of cookies

In accordance with the cookie notice that appears on the website, the user accepts that,   when  browsing  the  website,  he  expressly  consents  to  the  use  of  cookies  according  to  the  description  detailed  below, without prejudice to the fact that the user may modify the configuration of his browser in order to reject the use of cookies.

Types of cookies

Depending on who manages the domain from which the cookies are sent and the data processed, a distinction will be made between own cookies and third party cookies.

Cookies can also be classified according to how long they are stored in the user’s browser, distinguishing between session cookies or persistent cookies.

Finally, depending on the purpose for which the information collected is processed, cookies can be classified into the following categories:

Technical cookies